IN THE CLAIMS : 

Please amend claims 1, 6, 7, 9, 10, 16, 17, 20, 22, 33 and 35 as follows. 

1 . (Currently Amended) An apparatus for verifying the security integrity of 
remote network devices, comprising: 

a proxy device for rocoivin gc onfigured to receive a request for network services 
by at least one remote network device and p e rforming to perform a security integrity 
scanning operation on the requesting remote network device , wherein the security 
scanning operation is performed at least one of before, and after, the remote network 
device signs on to the proxy device : and 

an authorization processing unit and access control rules unit for 
dctcrmininaeonfigured t o determine if the remote network device is authorized to access 
the requested network services based on the results of the security scanning operation. 

2. (Original) The apparatus as recited in claim 1, wherein the proxy device 
makes integrity security decisions regarding access to network services by a remote 
network device on a request-by-request basis. 

3. (Original) The apparatus as recited in claim 1, wherein the access control 
rules unit includes a plurality of variables used to generate a set of security properties for 
each remote network device. 
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4. (Original) The apparatus as recited in claim 3, wherein the set of security 
properties may be different for each remote network device that accesses and requests 
service through the network. 

5. (Original) The apparatus as recited in claim 1, wherein the proxy device 
uses at least one script to select of the type of scanning operations to be performed for 
each remote network device accessing the network. 

6. (Currently Amended) The apparatus as recited in claim 5, wherein the 
proxy device uses a Java applet for e xecutin g to execute the desired script on the remote 
network device. 

7. (Currently Amended) The apparatus as recited in claim 6, wherein a signed 
applet? executing the script, is allowed to access the remote network device for the 
purposes of executing programs as well as searching and roadm g to search and read 
specific data files that reside on the remote network device. 

8. (Original) The apparatus as recited in claim 1, wherein the authorization 
processor refers to a series of variable values in the access control rule unit to determine 
if a remote network device is authorized to access the requested network service. 
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9. (Currently Amended) A system for verifying security integrity of remote 
network devices, comprising: 

at least one remote network device that acc e sses configured to accesses a network 
via a network connection to make a request for one or more network resident services; 

a gateway device for roccivin g configured to receive the request for services and 
performing perform a security integrity scanning operation on the remote network device 
prior to allowing access to the requested network services , wherein the security scanning 
operation is performed at least one of before and after the remote network device signs on 
to the gateway device : 

an authentication server that verifies user authentication credentials of users of 
remote network devices that access the network; and 

at least one network server that provides requested network services to at least one 
remote network device accessing the network through the gateway device. 

10. (Currently Amended) The system as recited in claim 9, wherein the 
gateway device further comprises a proxy server for establishing to establish a data 
communication connection between the remote network device and the network server. 

1 1 . (Original) The system as recited in claim 9, wherein said gateway device 
further comprises an access control rules unit used to determine if a remote network 
device is authorized to access the requested network services. 
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12. (Original) The system as recited in claim 9, wherein the gateway device 
makes integrity security decisions regarding access to network services by a remote 
network device on a request-by-request basis. 

13. (Original) The system as recited in claim 9, wherein the access control rules 
unit includes the plurality of variables used to generate a set of security properties for 
each remote network device. 

14. (Original) The system as recited in claim 13, wherein the set of security 
properties may be different for each remote network device that accesses and requests 
service through the network. 

15. (Original) The system as recited in claim 9, wherein the proxy device uses 
at least one script to select of the type of scanning operation to be performed for each 
remote network device accessing the network. 

16. (Currently Amended) The system as recited in claim 15, wherein the proxy 
device uses a Java applet for oxocutin g to execute the desired script on the remote network 
device. 
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17. (Currently Amended) The system as recited in claim 16, wherein a signed 
applet? executing the script, is allowed to access the remote network device for the 
purposes of executing programs as well as s e arching and roadin g search and read specific 
data files that reside on the remote network device. 

1 8. (Previously Presented) The system as recited in claim 9, further comprising 
the use of secure socket layer (SSL) to protect data communicated between the remote 
device and the gateway device. 

19. (Original) The system as recited in claim 11, wherein the gateway device 
further comprises an authorization processor that refers to a series of variable values in 
the access control rule unit to determine if a remote network device is authorized to 
access the requested network service. 

20. (Currently Amended) The system as recited in claim 9, wherein the 
networks used for establishing communication between said remote device and said 
gateway uses -comprises g lobal system for mobile communications (GSM), general 
packet radio service (GPRS), wireless application protocol (WAP), enhanced data for 
gsm evolution (EDGE), or_universal mobile telecommunications system (UMTS ) or other 
similar wir e less n e twork protocol . 
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21 . (Previously Presented) The system as recited in claim 9, wherein the remote 
network device can either be a public kiosk, personal computer, cellular telephone, 
satellite telephone, personal assistant or BLUETOOTH device. 

22. (Currently Amended) A method for verifying security integrity of remote 
network devices, the method comprising: 

defining at least one variable used as a vehicle to convey results of the-a_scanning 
process; 

downloading verification software via a network connection to the remote network 
device that performs scanning process and reports result used in scanning script, 
including at least one variable; 

performing at least one scanning operation on the remote network device to verify 
the security integrity of the remote device , wherein the scanning operation is performed 
at least one of before and after the remote device signs on to a gateway device which is 
configured to perform the at least one scanning operation : and 

obtaining the results of the scanning operation for purposes of determining 
whether or not the remote network device is authorized to access the requested network 
services. 
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23. (Original) The method as recited in claim 22 wherein, the making of 
security decisions with regard to a request for network services by a remote network 
device is done on a per-request basis. 

24. (Previously Presented) The method as recited in claim 22 wherein, an array 
of variables is used to generate a set of security properties for each remote network 
device. 

25. (Original) The method as recited in claim 24, wherein the set of security 
properties may be different for each remote network device that accesses and requests 
service through the network. 

26. (Previously Presented) The method as recited in claim 22, further 
comprising selecting at least one script for the type of scanning operation to be 
performed for each remote network device that accesses the network. 

27. (Previously Presented) The method as recited in claim 26, further 
comprising executing the desired script on the remote network device by using a signed 
Java applet. 
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28. (Previously Presented) The method as recited in claim 16, further 
comprising using a signed applet for executing the script to access the remote network 
device for the purposes of executing programs, searching, and reading specific data files 
that reside on the remote network device. 

29. (Previously Presented) The method as recited in claim 22, further 
comprising assigning a values to a set of variables in the verification software resulting 
from the scanning process of the remote network device. 

30. (Previously Presented) The method as recited in claim 22, further 
comprising using secure socket layer (SSL) to protect the data communicated between 
the remote device and the gateway. 

31. (Previously Presented) The method as recited in claim 29, wherein 
referencing an assigned series of variable values in the access control rules determines if 
a remote network device is authorized to access the requested network service. 

32. (Previously Presented) The method as recited in claim 22, further 
comprising making authorization decisions based in part on results returned by the 
scanning process. 
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33. (Currently Amended) The method as recited in claim 22, further 
comprising transmitting and receiving data, information and applications content between 
a remote device and the gateway using e ither comprises global system for mobile 
communications (GSM), general packet radio service (GPRS), wireless application 
protocol (WAP), enhanced data for gsm evolution (EDGE), or universal mobile 
telecommunication system (UMTS) or oth e r s imilar wir e less n e twork protocol 

34. (Previously Presented) The method as recited in claim 22, wherein the 
remote network device is a public kiosk, personal computer, cellular telephone, satellite 
telephone, personal assistant or BLUETOOTH device. 

35. (Currently Amended) A method for assessing the integrity of remote 
network devices for purposes of regulating access to network services via a network 
gateway comprising: 

defining at least one access control policy for accessing network services wherein 
the access control policy depends, at least in part, on the results of an integrity scan 
performed on the remote network device; 

downloading verification software that an administrator can specify what scan 
scripts are to used under what conditions to the remote network device; 
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performing an integrity scan on the remote network device and conveying at least 
one result of the scan to a gateway device , wherein the integrity scan is performed at least 
one of before and after the remote device signs on to the gateway device : and 

regulating access by the remote network device to network services via the 
gateway device based, at least in part, on the results of the integrity scan. 

36. (Previously Presented) The method as recited in claim 35, further 
comprising making access control decisions with regard to a remote network device on a 
per-service basis. 

37. (Previously Presented) The method as recited in claim 35, further 
comprising using at least one defined variable in each access control policy. 

38. (Previously Presented) The method as recited in claim 35, further 
comprising sending the results of the integrity scan to the gateway in the form of an 
assigned value for the defined variable. 

39. (Previously Presented) The method as recited in claim 35 further 
comprising using a script to specify the integrity scan operations that will be performed 
on the remote network device. 
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40. (Previously Presented) The method as recited in claim 35, further 
comprising using a signed Java applet as verification software to be downloaded to the 
remote network device. 

41. (Previously Presented) The method as recited in claim 39, further 
comprising using a signed applet executing the script to access the remote network device 
for executing programs, searching, and reading specific data files that reside on the 
remote network device. 

42. (Original) The method of claim 35, wherein a plurality of variables is used 
to determine the access control policy for each remote network device accessing the 
network. 

43. (Original) The method as recited in claim 42, wherein the access control 
policy for each remote network device is different. 

44. (Original) The method as recited in claim 38, wherein referencing to an 
assigned series of variable values in the access control rules determines if a remote 
network device is authorized to access the requested network service. 
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45. (Previously Presented) The method as recited in claim 35, further 
comprising using secure socket layer (SSL) to protect data communicated between the 
remote device and the gateway. 

46. (Previously Presented) The method as recited in claim 35, further 
comprising making authorization decisions based in part on results returned by the 
scanning process. 

47. (Previously Presented) The method as recited in claim 35, further 
comprising transmitting and receiving data, information and applications content between 
a remote device and the gateway using either global system for mobile communications 
(GSM), general packet radio service (GPRS), wireless application protocol (WAP), 
enhanced data for gsm evolution (EDGE), universal mobile telecommunication system 
(UMTS) or other similar wireless network protocol. 

48. (Previously Presented) The method as recited in claim 35, wherein the 
remote network device is a public kiosk, personal computer, cellular telephone, satellite 
telephone, personal assistant or BLUETOOTH device. 
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